httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Hooper <>
Subject RE: ssl is broken
Date Wed, 03 Oct 2001 14:22:30 GMT
Yeah, yeah

-----Original Message-----
From: Ryan Bloom []
Sent: 03 October 2001 15:24
To:; Justin Erenkrantz
Subject: Re: ssl is broken

On Tuesday 02 October 2001 10:11 pm, Justin Erenkrantz wrote:
> On Wed, Oct 03, 2001 at 12:51:09AM -0400, MATHIHALLI,MADHUSUDAN
(HP-Cupertino,ex1) wrote:
> > I'm running into all sorts of filter problems. The initial client
> > is itself not received completely.. For ex., the apr_bucket_read
> > (ssl_engine_io.c:218) returns 20 bytes when the client has sent 103
> > bytes.
> >
> > The ssl_hook_process_connection (mod_ssl.c:360) returns with a error to
> > read more (which is not being handled right now). This is a problem as
> > the SSL filter expects that *all* the data sent by the client is
> > in one complete chunk..
> >
> > If I try forcing the bucket_read again (incase of a SSL_WANT_READ
> > it's still not able to read the full data.
> Whenever mod_ssl is handling the request, it needs to remove CORE_IN
> and be able to match CORE_IN's functionality (i.e. handle the same
> modes as CORE_IN).  This is how I would expect it to work given the
> new implementation.

This is bogus.  The whole point of the SSL module being written to use
was that it doesn't need to replace CORE_IN.

Ryan Bloom
Covalent Technologies

This email (including attachments) is confidential.  If you have received
this email in error please notify the sender immediately and delete this
email from your system without copying or disseminating it or placing any
reliance upon its contents.  We cannot accept liability for any breaches of
confidence arising through use of email.  Any opinions expressed in this
email (including attachments) are those of the author and do not necessarily
reflect our opinions.  We will not accept responsibility for any commitments
made by our employees outside the scope of our business.  We do not warrant
the accuracy or completeness of such information.

View raw message